
<!DOCTYPE HTML>
<html lang="" >
    <head>
        <meta charset="UTF-8">
        <meta content="text/html; charset=utf-8" http-equiv="Content-Type">
        <title>Apache · GitBook</title>
        <meta http-equiv="X-UA-Compatible" content="IE=edge" />
        <meta name="description" content="">
        <meta name="generator" content="GitBook 3.2.3">
        
        
        
    
    <link rel="stylesheet" href="../gitbook/style.css">

    
            
                
                <link rel="stylesheet" href="../gitbook/gitbook-plugin-back-to-top-button/plugin.css">
                
            
                
                <link rel="stylesheet" href="../gitbook/gitbook-plugin-chapter-fold/chapter-fold.css">
                
            
                
                <link rel="stylesheet" href="../gitbook/gitbook-plugin-splitter/splitter.css">
                
            
                
                <link rel="stylesheet" href="../gitbook/gitbook-plugin-search-pro/search.css">
                
            
                
                <link rel="stylesheet" href="../gitbook/gitbook-plugin-insert-logo/plugin.css">
                
            
                
                <link rel="stylesheet" href="../gitbook/gitbook-plugin-pageview-count/plugin.css">
                
            
                
                <link rel="stylesheet" href="../gitbook/gitbook-plugin-tbfed-pagefooter/footer.css">
                
            
                
                <link rel="stylesheet" href="../gitbook/gitbook-plugin-highlight/website.css">
                
            
                
                <link rel="stylesheet" href="../gitbook/gitbook-plugin-fontsettings/website.css">
                
            
        

    

    
        
    
        
    
        
    
        
    
        
    
        
    

        
    
    
    <meta name="HandheldFriendly" content="true"/>
    <meta name="viewport" content="width=device-width, initial-scale=1, user-scalable=no">
    <meta name="apple-mobile-web-app-capable" content="yes">
    <meta name="apple-mobile-web-app-status-bar-style" content="black">
    <link rel="apple-touch-icon-precomposed" sizes="152x152" href="../gitbook/images/apple-touch-icon-precomposed-152.png">
    <link rel="shortcut icon" href="../gitbook/images/favicon.ico" type="image/x-icon">

    
    <link rel="next" href="TomCat.html" />
    
    
    <link rel="prev" href="Nginx.html" />
    

    </head>
    <body>
        
<div class="book">
    <div class="book-summary">
        
            
<div id="book-search-input" role="search">
    <input type="text" placeholder="Type to search" />
</div>

            
                <nav role="navigation">
                


<ul class="summary">
    
    

    

    
        
        
    
        <li class="chapter " data-level="1.1" data-path="../">
            
                <a href="../">
            
                    
                    Introduction
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.2" data-path="../base.html">
            
                <a href="../base.html">
            
                    
                    数字证书基础知识
            
                </a>
            

            
            <ul class="articles">
                
    
        <li class="chapter " data-level="1.2.1" data-path="../base/domain.html">
            
                <a href="../base/domain.html">
            
                    
                    域名相关技术介绍
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.2.2" data-path="../base/ip.html">
            
                <a href="../base/ip.html">
            
                    
                    IP地址相关技术介绍
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.2.3" data-path="../base/server.html">
            
                <a href="../base/server.html">
            
                    
                    服务器相关技术介绍
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.2.4" data-path="../base/https.html">
            
                <a href="../base/https.html">
            
                    
                    HTTPS原理
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.2.5" data-path="../base/pki.html">
            
                <a href="../base/pki.html">
            
                    
                    PKI体系
            
                </a>
            

            
        </li>
    

            </ul>
            
        </li>
    
        <li class="chapter " data-level="1.3" data-path="../install.html">
            
                <a href="../install.html">
            
                    
                    数字证书安装教程
            
                </a>
            

            
            <ul class="articles">
                
    
        <li class="chapter " data-level="1.3.1" data-path="IIS6.html">
            
                <a href="IIS6.html">
            
                    
                    IIS6
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.3.2" data-path="IIS7.html">
            
                <a href="IIS7.html">
            
                    
                    IIS7
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.3.3" data-path="Nginx.html">
            
                <a href="Nginx.html">
            
                    
                    Nginx
            
                </a>
            

            
        </li>
    
        <li class="chapter active" data-level="1.3.4" data-path="Apache.html">
            
                <a href="Apache.html">
            
                    
                    Apache
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.3.5" data-path="TomCat.html">
            
                <a href="TomCat.html">
            
                    
                    TomCat
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.3.6" data-path="bt.html">
            
                <a href="bt.html">
            
                    
                    宝塔面板
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.3.7" data-path="Cpanl.html">
            
                <a href="Cpanl.html">
            
                    
                    Cpanl面板
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.3.8" data-path="other.html">
            
                <a href="other.html">
            
                    
                    其他
            
                </a>
            

            
        </li>
    

            </ul>
            
        </li>
    
        <li class="chapter " data-level="1.4" data-path="../ecmp.html">
            
                <a href="../ecmp.html">
            
                    
                    ECManager使用
            
                </a>
            

            
            <ul class="articles">
                
    
        <li class="chapter " data-level="1.4.1" data-path="../ecmp/registration.html">
            
                <a href="../ecmp/registration.html">
            
                    
                    用户注册
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.4.2" data-path="../ecmp/Improve.html">
            
                <a href="../ecmp/Improve.html">
            
                    
                    完善用户资料
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.4.3" data-path="../ecmp/protection.html">
            
                <a href="../ecmp/protection.html">
            
                    
                    开启登陆保护
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.4.4" data-path="../ecmp/Recharge.html">
            
                <a href="../ecmp/Recharge.html">
            
                    
                    账户充值
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.4.5" data-path="../ecmp/csr.html">
            
                <a href="../ecmp/csr.html">
            
                    
                    生成CSR
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.4.6" data-path="../ecmp/cname.html">
            
                <a href="../ecmp/cname.html">
            
                    
                    DNS验证域名所属权
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.4.7" data-path="../ecmp/file.html">
            
                <a href="../ecmp/file.html">
            
                    
                    文件验证域名所属权
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.4.8" data-path="../ecmp/mail.html">
            
                <a href="../ecmp/mail.html">
            
                    
                    邮件验证域名所属权
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.4.9" data-path="../ecmp/single.html">
            
                <a href="../ecmp/single.html">
            
                    
                    签发DV单域名数字证书
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.4.10" data-path="../ecmp/muitl.html">
            
                <a href="../ecmp/muitl.html">
            
                    
                    签发DV多域名数字证书
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.4.11" data-path="../ecmp/Wildcard.html">
            
                <a href="../ecmp/Wildcard.html">
            
                    
                    签发DV泛域名数字证书
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.4.12" data-path="../ecmp/company.html">
            
                <a href="../ecmp/company.html">
            
                    
                    签发企业OV/EV多域名数字证书
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.4.13" data-path="../ecmp/replace.html">
            
                <a href="../ecmp/replace.html">
            
                    
                    单域名/泛域名证书更换域名
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.4.14" data-path="../ecmp/modify.html">
            
                <a href="../ecmp/modify.html">
            
                    
                    多域名证书增加/删除/修改域名
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.4.15" data-path="../ecmp/revoke.html">
            
                <a href="../ecmp/revoke.html">
            
                    
                    证书吊销
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.4.16" data-path="../ecmp/Refund.html">
            
                <a href="../ecmp/Refund.html">
            
                    
                    数字证书退款
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.4.17" data-path="../ecmp/caa.html">
            
                <a href="../ecmp/caa.html">
            
                    
                    更改DNS CAA记录
            
                </a>
            

            
        </li>
    

            </ul>
            
        </li>
    
        <li class="chapter " data-level="1.5" data-path="../q.html">
            
                <a href="../q.html">
            
                    
                    常见问题
            
                </a>
            

            
            <ul class="articles">
                
    
        <li class="chapter " data-level="1.5.1" data-path="../q/tls1_2.html">
            
                <a href="../q/tls1_2.html">
            
                    
                    Windows Server 2008 R2 IIS 7.5开启TLS 1.2
            
                </a>
            

            
        </li>
    
        <li class="chapter " data-level="1.5.2" data-path="../q/iis7_qianyi.html">
            
                <a href="../q/iis7_qianyi.html">
            
                    
                    IIS7站点批量迁移到另一台IIS7服务器
            
                </a>
            

            
        </li>
    

            </ul>
            
        </li>
    

    

    <li class="divider"></li>

    <li>
        <a href="https://www.gitbook.com" target="blank" class="gitbook-link">
            Published with GitBook
        </a>
    </li>
</ul>


                </nav>
            
        
    </div>

    <div class="book-body">
        
            <div class="body-inner">
                
                    

<div class="book-header" role="navigation">
    

    <!-- Title -->
    <h1>
        <i class="fa fa-circle-o-notch fa-spin"></i>
        <a href=".." >Apache</a>
    </h1>
</div>




                    <div class="page-wrapper" tabindex="-1" role="main">
                        <div class="page-inner">
                            
<div id="book-search-results">
    <div class="search-noresults">
    
                                <section class="normal markdown-section">
                                
                                <h1 id="apache&#x914D;&#x7F6E;ssl&#x8BC1;&#x4E66;">Apache&#x914D;&#x7F6E;SSL&#x8BC1;&#x4E66;</h1>
<h2 id="&#x914D;&#x7F6E;ssl&#x8BC1;&#x4E66;">&#x914D;&#x7F6E;SSL&#x8BC1;&#x4E66;</h2>
<h4 id="&#x4E00;&#x3001;&#x67E5;&#x627E;&#x914D;&#x7F6E;&#x6587;&#x4EF6;">&#x4E00;&#x3001;&#x67E5;&#x627E;&#x914D;&#x7F6E;&#x6587;&#x4EF6;</h4>
<p>&#x5F00;&#x59CB;&#x914D;&#x7F6E;&#x4E4B;&#x524D;&#x60A8;&#x9700;&#x8981;&#x627E;&#x5230;&#x4F4D;&#x4E8E;&#x5BA2;&#x6237;&#x673A;&#x4E0A;&#x7684; Apache &#x914D;&#x7F6E;&#x6587;&#x4EF6; httpd.conf&#x3002;
&#xFF08; Windows &#x5BA2;&#x6237;&#x673A;&#x4E0A;&#x7684;&#x914D;&#x7F6E;&#x6587;&#x4EF6;&#x5730;&#x5740;&#x901A;&#x5E38;&#x4E4E;&#x4F1A;&#x4F4D;&#x4E8E;&#x6240;&#x7528;&#x96C6;&#x6210;&#x73AF;&#x5883;&#x7684;&#x5B89;&#x88C5;&#x6587;&#x4EF6; /Apache/conf &#x6587;&#x4EF6;&#x5939;&#x5185;&#xFF09;</p>
<h4 id="&#x4E8C;&#x3001;&#x5F00;&#x542F;-modssl-&#x6A21;&#x5757;">&#x4E8C;&#x3001;&#x5F00;&#x542F; mod_ssl &#x6A21;&#x5757;</h4>
<ol>
<li>&#x8BF7;&#x4F7F;&#x7528; Notpad++ &#x7F16;&#x8F91;&#x5668;&#xFF08;&#x4E0D;&#x8981;&#x4F7F;&#x7528; Windows &#x8BB0;&#x4E8B;&#x672C;&#xFF09;&#x6253;&#x5F00;&#x67E5;&#x627E;&#x5230; httpd.conf &#x914D;&#x7F6E;&#x6587;&#x4EF6;&#x3002;</li>
<li>&#x5728;&#x7F16;&#x8F91;&#x5668;&#x5185;&#x6309;&#x4E0B;&#x67E5;&#x627E;&#x5FEB;&#x6377;&#x952E; Control+F &#x5524;&#x51FA;&#x5185;&#x5BB9;&#x67E5;&#x627E;&#x5668;&#xFF0C;&#x8F93;&#x5165; mod_ssl.so &#x5E76;&#x70B9;&#x51FB;&#x67E5;&#x627E;&#x3002;</li>
<li>&#x53BB;&#x9664;&#x4E0B;&#x9762;&#x4E24;&#x884C;&#x4E4B;&#x524D;&#x7684; # &#x53F7;&#xFF0C;&#x5E76;&#x4FDD;&#x5B58;&#x914D;&#x7F6E;&#x6587;&#x4EF6;&#x3002;</li>
</ol>
<pre><code>LoadModule socache_shmcb_module modules/mod_socache_shmcb.so
LoadModule ssl_module modules/mod_ssl.so
</code></pre><h4 id="&#x4E09;&#x3001;&#x5F00;&#x542F;apache-ssl&#x529F;&#x80FD;">&#x4E09;&#x3001;&#x5F00;&#x542F;Apache SSL&#x529F;&#x80FD;</h4>
<p>&#x7EE7;&#x7EED;&#x7F16;&#x8F91;&#x914D;&#x7F6E;&#x6587;&#x4EF6; httpd.conf&#xFF0C;&#x5728;&#x6587;&#x4EF6;&#x672B;&#x5C3E;&#x589E;&#x52A0;&#x4E0B;&#x5217;&#x5185;&#x5BB9;&#x5E76;&#x4FDD;&#x5B58;&#xFF1A;</p>
<pre><code>Listen 443
SSLCipherSuite HIGH:MEDIUM:!MD5:!RC4
SSLProxyCipherSuite HIGH:MEDIUM:!MD5:!RC4
SSLHonorCipherOrder on
SSLProtocol all -SSLv3
SSLProxyProtocol all -SSLv3
SSLPassPhraseDialog builtin
SSLSessionCache     &quot;shmcb:logs/ssl_scache(512000)&quot;
SSLSessionCacheTimeout  300
</code></pre><h4 id="&#x56DB;&#x3001;&#x51C6;&#x5907;&#x8BC1;&#x4E66;&#x6587;&#x4EF6;">&#x56DB;&#x3001;&#x51C6;&#x5907;&#x8BC1;&#x4E66;&#x6587;&#x4EF6;</h4>
<p>&#x8BF7;&#x60A8;&#x4EE5; .crt &#x7ED3;&#x5C3E;&#x6216; .pem &#x7ED3;&#x5C3E;&#x7684;&#x8BC1;&#x4E66;&#x3001;CA &#x8BC1;&#x4E66;&#x94FE;&#x6587;&#x4EF6;&#x548C;&#x4EE5; .key &#x7ED3;&#x5C3E;&#x7684;&#x79C1;&#x94A5;&#x6587;&#x4EF6;&#x4E0A;&#x4F20;&#x81F3; httpd.conf &#x914D;&#x7F6E;&#x6587;&#x4EF6;&#x6240;&#x5728;&#x76EE;&#x5F55;&#x4E0B;&#x7684; ssl &#x6587;&#x4EF6;&#x5939;&#x5185;&#xFF08;&#x82E5;&#x65E0; ssl &#x6587;&#x4EF6;&#x5939;&#x8BF7;&#x521B;&#x5EFA;&#xFF09;
&#x4E3A;&#x4E86;&#x65B9;&#x4FBF;&#x7406;&#x89E3;&#xFF0C;&#x8FD9;&#x91CC;&#x5047;&#x8BBE;&#x6211;&#x4EEC;&#x4E0A;&#x4F20;&#x7684;&#x8BC1;&#x4E66;&#x548C;&#x79C1;&#x94A5;&#x6587;&#x4EF6;&#x4E3A;&#xFF1A;</p>
<pre><code>ssl/mydomain.pem
ssl/ca-chain.pem
ssl/mydomain.key
</code></pre><h4 id="&#x4E94;&#x3001;&#x521B;&#x5EFA;&#x7F51;&#x7AD9;&#x7684;ssl&#x914D;&#x7F6E;&#x6587;&#x4EF6;">&#x4E94;&#x3001;&#x521B;&#x5EFA;&#x7F51;&#x7AD9;&#x7684;SSL&#x914D;&#x7F6E;&#x6587;&#x4EF6;</h4>
<p>&#x5728; httpd.conf &#x914D;&#x7F6E;&#x6587;&#x4EF6;&#x6240;&#x5728;&#x7684;&#x76EE;&#x5F55;&#x4E0B;&#x9762;&#xFF0C;&#x4E3A;&#x9700;&#x8981;&#x914D;&#x7F6E;&#x8BC1;&#x4E66;&#x7684;&#x7F51;&#x7AD9;&#x65B0;&#x5EFA;&#x4E00;&#x4E2A; SSL &#x914D;&#x7F6E;&#x6587;&#x4EF6;&#xFF0C;&#x540D;&#x4EE5;&#x7F51;&#x7AD9;&#x57DF;&#x540D;&#x547D;&#x4EE4;&#xFF0C;&#x5982;&#xFF1A;mydomain-ssl.conf&#x3001;mydomain-ssl.conf&#x7684;&#x6587;&#x4EF6;&#x5185;&#x5BB9;&#x5982;&#x4E0B;&#xFF1A;</p>
<pre><code>&lt;VirtualHost *:443&gt;
DocumentRoot &quot;\www\mydomain&quot;
ServerName mydomain.com:443
ServerAlias www.mydomain.com
ErrorLog &quot;logs/error_log&quot;
TransferLog &quot;logs/access_log&quot;

SSLEngine on
SSLCertificateFile &quot;/conf/ssl/mydomain.pem&quot;
SSLCertificateKeyFile &quot;/conf/ssl/mydomain.key&quot;
SSLCertificateChainFile &quot;/conf/ssl/ca-chain.pem&quot;
&lt;/VirtualHost&gt;
</code></pre><p>&#x4FDD;&#x5B58;&#x7AD9;&#x70B9;SSL&#x914D;&#x7F6E;&#x6587;&#x4EF6;</p>
<h4 id="&#x516D;&#x3001;&#x6FC0;&#x6D3B;&#x7AD9;&#x70B9;ssl&#x529F;&#x80FD;">&#x516D;&#x3001;&#x6FC0;&#x6D3B;&#x7AD9;&#x70B9;SSL&#x529F;&#x80FD;</h4>
<p>&#x518D;&#x6B21;&#x7F16;&#x8F91; httpd.conf &#x914D;&#x7F6E;&#x6587;&#x4EF6;&#xFF0C;&#x5728;&#x6587;&#x4EF6;&#x672B;&#x5C3E;&#x589E;&#x52A0;&#x4E00;&#x884C;&#xFF1A;</p>
<pre><code>Include conf/mydomain-ssl.conf
</code></pre><p>&#x4FDD;&#x5B58;&#x914D;&#x7F6E;&#x6587;&#x4EF6;&#x3002;
&#x4F7F;&#x7528;&#x96C6;&#x6210;&#x73AF;&#x5883;&#x7684;&#x63A7;&#x5236;&#x9762;&#x677F;&#x6216;&#x547D;&#x4EE4;&#x884C;&#x91CD;&#x542F; Apache &#xFF0C;&#x914D;&#x7F6E;&#x5B8C;&#x6210;&#x3002;</p>
<h2 id="&#x5F00;&#x542F;&#x5F3A;&#x5236;https&#x8DF3;&#x8F6C;">&#x5F00;&#x542F;&#x5F3A;&#x5236;https&#x8DF3;&#x8F6C;</h2>
<h4 id="&#x4E00;&#x3001;&#x521B;&#x5EFA;&#x4F2A;&#x9759;&#x6001;&#x6587;&#x4EF6;">&#x4E00;&#x3001;&#x521B;&#x5EFA;&#x4F2A;&#x9759;&#x6001;&#x6587;&#x4EF6;</h4>
<p>&#x8FDB;&#x5165;&#x5230;&#x9879;&#x76EE;&#x6839;&#x76EE;&#x5F55;&#x6587;&#x4EF6;&#x5939;&#x4E0B;&#xFF0C;&#x521B;&#x5EFA;&#x4E00;&#x4E2A;&#x7A7A;&#x767D;&#x6587;&#x4EF6; .htaccess&#xFF08;&#x5982;&#x679C;&#x5B58;&#x5728;&#x8BE5;&#x6587;&#x4EF6;&#xFF0C;&#x76F4;&#x63A5;&#x7F16;&#x8F91;&#x8BE5;&#x6587;&#x4EF6;&#xFF09;&#xFF0C;&#x5C06;&#x4E0B;&#x5217;&#x4EE3;&#x7801;&#x7C98;&#x8D34;&#x81F3; .htaccess &#x6587;&#x4EF6;&#x5185;&#x5BB9;&#x6700;&#x540E;&#x9762;</p>
<pre><code>RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
</code></pre><h4 id="&#x4E8C;&#x3001;&#x6D4B;&#x8BD5;">&#x4E8C;&#x3001;&#x6D4B;&#x8BD5;</h4>
<p>&#x4FDD;&#x5B58;&#x6B63;&#x5728;&#x7F16;&#x8F91;&#x7684; .htaccess &#x6587;&#x4EF6;&#x3002;&#x6E05;&#x9664;&#x6D4F;&#x89C8;&#x5668;&#x7F13;&#x5B58;&#xFF0C;&#x91CD;&#x65B0;&#x8BBF;&#x95EE;&#x60A8;&#x7684;&#x7F51;&#x7AD9;&#x57DF;&#x540D;&#x67E5;&#x770B;&#x8DF3;&#x8F6C;&#x6548;&#x679C;&#x3002;</p>
<h2 id="&#x5F00;&#x542F;&#x5F3A;&#x5236;hsts">&#x5F00;&#x542F;&#x5F3A;&#x5236;HSTS</h2>
<h4 id="&#x4E00;&#x3001;&#x67E5;&#x627E;&#x914D;&#x7F6E;&#x6587;&#x4EF6;">&#x4E00;&#x3001;&#x67E5;&#x627E;&#x914D;&#x7F6E;&#x6587;&#x4EF6;</h4>
<p>&#x5728;&#x5F00;&#x542F;&#x914D;&#x7F6E;&#x4E4B;&#x524D;&#xFF0C;&#x9700;&#x8981;&#x627E;&#x5230; Apahce &#x7684;&#x4E3B;&#x914D;&#x7F6E;&#x6587;&#x4EF6; httpd.conf&#x3002;</p>
<h4 id="&#x4E8C;&#x3001;&#x5F00;&#x542F;-modheadersso-&#x6A21;&#x5757;">&#x4E8C;&#x3001;&#x5F00;&#x542F; mod_headers.so &#x6A21;&#x5757;</h4>
<p>&#x8BF7;&#x4F7F;&#x7528; Notpad++ &#x7F16;&#x8F91;&#x5668;&#xFF08;&#x4E0D;&#x8981;&#x4F7F;&#x7528; Windows &#x8BB0;&#x4E8B;&#x672C;&#xFF09;&#x6253;&#x5F00;&#x67E5;&#x627E;&#x5230; httpd.conf &#x914D;&#x7F6E;&#x6587;&#x4EF6;&#x3002;
&#x5728;&#x7F16;&#x8F91;&#x5668;&#x5185;&#x6309;&#x4E0B;&#x67E5;&#x627E;&#x5FEB;&#x6377;&#x952E; Control+F &#x5524;&#x51FA;&#x5185;&#x5BB9;&#x67E5;&#x627E;&#x5668;&#xFF0C;&#x8F93;&#x5165; mod_headers.so &#x5E76;&#x70B9;&#x51FB;&#x67E5;&#x627E;&#x3002;
&#x53BB;&#x9664;&#x4E0B;&#x9762;&#x8FD9;&#x884C;&#x4E4B;&#x524D;&#x7684;#&#x53F7;&#xFF0C;&#x5E76;&#x4FDD;&#x5B58;&#x914D;&#x7F6E;&#x6587;&#x4EF6;&#x3002;</p>
<pre><code>LoadModule headers_module modules/mod_mod_headers.so
</code></pre><h4 id="&#x4E09;&#x3001;&#x67E5;&#x627E;&#x5DF2;&#x7ECF;&#x5F00;&#x542F;-ssl-&#x7684;&#x7AD9;&#x70B9;&#x914D;&#x7F6E;&#x6587;&#x4EF6;">&#x4E09;&#x3001;&#x67E5;&#x627E;&#x5DF2;&#x7ECF;&#x5F00;&#x542F; SSL &#x7684;&#x7AD9;&#x70B9;&#x914D;&#x7F6E;&#x6587;&#x4EF6;</h4>
<p>&#x5728;&#x5BA2;&#x6237;&#x673A;&#x4E0A;&#x67E5;&#x627E;&#x7AD9;&#x70B9;&#x914D;&#x7F6E;&#x6587;&#x4EF6;&#xFF0C;&#x7AD9;&#x70B9;&#x914D;&#x7F6E;&#x6587;&#x4EF6;&#x901A;&#x5E38;&#x4F4D;&#x4E8E; httpd.conf&#x3001;vhost-ssl.conf&#x3001;vhost.conf &#x6216;&#x8005;&#x81EA;&#x5B9A;&#x4E49;&#x7684;&#x914D;&#x7F6E;&#x6587;&#x4EF6;&#x5185;&#x3002;
&#x4E3A;&#x4E86;&#x65B9;&#x4FBF;&#x7406;&#x89E3;&#xFF0C;&#x8FD9;&#x91CC;&#x6211;&#x4EEC;&#x5047;&#x8BBE;&#x627E;&#x5230;&#x7684; SSL &#x7AD9;&#x70B9;&#x914D;&#x7F6E;&#x6587;&#x4EF6;&#x4E3A; mydomain-ssl.conf</p>
<h4 id="&#x56DB;&#x3001;&#x5F00;&#x542F;&#x7AD9;&#x70B9;-hsts">&#x56DB;&#x3001;&#x5F00;&#x542F;&#x7AD9;&#x70B9; HSTS</h4>
<p>&#x63D2;&#x5165; HSTS &#x4EE3;&#x7801;</p>
<pre><code>Header always set Strict-Transport-Security &quot;max-age=63072000; includeSubdomains; preload&quot;
</code></pre><p>&#x7F16;&#x8F91;&#x914D;&#x7F6E; mydomain-ssl.conf &#x5185;&#x5BB9;&#x5982;&#x4E0B;</p>
<pre><code>&lt;VirtualHost *:443&gt;
DocumentRoot &quot;\www\mydomain&quot;
ServerName mydomain.com:443
ServerAlias www.mydomain.com
ErrorLog &quot;logs/error_log&quot;
TransferLog &quot;logs/access_log&quot;

SSLEngine on
SSLCertificateFile &quot;/conf/ssl/mydomain.pem&quot;
SSLCertificateKeyFile &quot;/conf/ssl/mydomain.key&quot;
SSLCertificateChainFile &quot;/conf/ssl/ca-chain.pem&quot;
Header always set Strict-Transport-Security &quot;max-age=63072000; includeSubdomains; preload&quot;
&lt;/VirtualHost&gt;
</code></pre><p>&#x4FDD;&#x5B58;&#x60A8;&#x6B63;&#x5728;&#x7F16;&#x8F91;&#x7684;&#x914D;&#x7F6E;&#x6587;&#x4EF6;</p>
<h4 id="&#x4E94;&#x3001;&#x91CD;&#x542F;&#x548C;&#x6D4B;&#x8BD5;">&#x4E94;&#x3001;&#x91CD;&#x542F;&#x548C;&#x6D4B;&#x8BD5;</h4>
<p>&#x91CD;&#x65B0;&#x542F;&#x52A8;&#x60A8;&#x7684; Apache&#xFF0C;&#x6E05;&#x9664;&#x6D4F;&#x89C8;&#x5668;&#x7F13;&#x5B58;&#xFF0C;&#x8BBF;&#x95EE;2&#x6B21;&#x67E5;&#x770B;&#x6548;&#x679C;&#x3002;
&#x60A8;&#x4E5F;&#x53EF;&#x4EE5;&#x901A;&#x8FC7;chrome&#x6D4F;&#x89C8;&#x5668;&#x7684;&#x5F00;&#x53D1;&#x8005;&#x9009;&#x9879;&#x2192;&#x7F51;&#x7EDC;&#x9879;&#x67E5;&#x770B;&#x670D;&#x52A1;&#x5668;&#x8FD4;&#x56DE;&#x7684;&#x5934;&#x4FE1;&#x606F;&#xFF0C;&#x6765;&#x5224;&#x65AD;&#x662F;&#x5426;&#x5DF2;&#x7ECF;&#x5F00;&#x542F;HSTS</p>
<p><img src="https://developer.trustocean.com/usr/uploads/2020/07/393220164.png" alt=""></p>
<p>&#x6839;&#x636E;&#x60A8;&#x5BF9;HSTS&#x7684;&#x914D;&#x7F6E;&#xFF0C;&#x6240;&#x67E5;&#x770B;&#x5230;&#x7684; Strict-Transport-Security &#x914D;&#x7F6E;&#x503C;&#x53EF;&#x80FD;&#x4E0D;&#x4E00;&#x6837;&#x3002;</p>
<p>&#x606D;&#x559C;&#x60A8;&#xFF01;&#x60A8;&#x7684;&#x7F51;&#x7AD9;&#x5DF2;&#x7ECF;&#x5F00;&#x542F; HSTS &#x5B89;&#x5168;&#x7B56;&#x7565;&#x3002; </p>
<footer class="page-footer"><span class="copyright">&#x9655;ICP&#x5907;16016201&#x53F7;,Copyright &#xA9; tysb7 2020 all right reserved&#xFF0C;powered by Gitbook</span><span class="footer-modification">&#x8BE5;&#x6587;&#x7AE0;&#x4FEE;&#x8BA2;&#x65F6;&#x95F4;&#xFF1A;
2020-10-15 11:46:14
</span></footer>
                                
                                </section>
                            
    </div>
    <div class="search-results">
        <div class="has-results">
            
            <h1 class="search-results-title"><span class='search-results-count'></span> results matching "<span class='search-query'></span>"</h1>
            <ul class="search-results-list"></ul>
            
        </div>
        <div class="no-results">
            
            <h1 class="search-results-title">No results matching "<span class='search-query'></span>"</h1>
            
        </div>
    </div>
</div>

                        </div>
                    </div>
                
            </div>

            
                
                <a href="Nginx.html" class="navigation navigation-prev " aria-label="Previous page: Nginx">
                    <i class="fa fa-angle-left"></i>
                </a>
                
                
                <a href="TomCat.html" class="navigation navigation-next " aria-label="Next page: TomCat">
                    <i class="fa fa-angle-right"></i>
                </a>
                
            
        
    </div>

    <script>
        var gitbook = gitbook || [];
        gitbook.push(function() {
            gitbook.page.hasChanged({"page":{"title":"Apache","level":"1.3.4","depth":2,"next":{"title":"TomCat","level":"1.3.5","depth":2,"path":"install/TomCat.md","ref":"install/TomCat.md","articles":[]},"previous":{"title":"Nginx","level":"1.3.3","depth":2,"path":"install/Nginx.md","ref":"install/Nginx.md","articles":[]},"dir":"ltr"},"config":{"gitbook":"*","theme":"default","variables":{},"plugins":["hide-element","back-to-top-button","chapter-fold","splitter","-lunr","-search","search-pro","insert-logo","pageview-count","tbfed-pagefooter"],"pluginsConfig":{"tbfed-pagefooter":{"copyright":"陕ICP备16016201号,Copyright &copy tysb7 2020","modify_label":"该文章修订时间：","modify_format":"YYYY-MM-DD HH:mm:ss"},"chapter-fold":{},"splitter":{},"search-pro":{},"hide-element":{"elements":[".gitbook-link"]},"fontsettings":{"theme":"white","family":"sans","size":2},"highlight":{},"back-to-top-button":{},"pageview-count":{},"sharing":{"facebook":true,"twitter":true,"google":false,"weibo":false,"instapaper":false,"vk":false,"all":["facebook","google","twitter","weibo","instapaper"]},"theme-default":{"styles":{"website":"styles/website.css","pdf":"styles/pdf.css","epub":"styles/epub.css","mobi":"styles/mobi.css","ebook":"styles/ebook.css","print":"styles/print.css"},"showLevel":false},"insert-logo":{"style":"background: none; max-height: 30px; min-height: 30px","url":"https://allinssl.com/storage/2020/06/02/1591058380-allinlogowhite_.svg"}},"structure":{"langs":"LANGS.md","readme":"README.md","glossary":"GLOSSARY.md","summary":"SUMMARY.md"},"pdf":{"pageNumbers":true,"fontSize":12,"fontFamily":"Arial","paperSize":"a4","chapterMark":"pagebreak","pageBreaksBefore":"/","margin":{"right":62,"left":62,"top":56,"bottom":56}},"styles":{"website":"styles/website.css","pdf":"styles/pdf.css","epub":"styles/epub.css","mobi":"styles/mobi.css","ebook":"styles/ebook.css","print":"styles/print.css"}},"file":{"path":"install/Apache.md","mtime":"2020-10-15T03:46:14.108Z","type":"markdown"},"gitbook":{"version":"3.2.3","time":"2020-10-22T08:15:58.383Z"},"basePath":"..","book":{"language":""}});
        });
    </script>
</div>

        
    <script src="../gitbook/gitbook.js"></script>
    <script src="../gitbook/theme.js"></script>
    
        
        <script src="../gitbook/gitbook-plugin-hide-element/plugin.js"></script>
        
    
        
        <script src="../gitbook/gitbook-plugin-back-to-top-button/plugin.js"></script>
        
    
        
        <script src="../gitbook/gitbook-plugin-chapter-fold/chapter-fold.js"></script>
        
    
        
        <script src="../gitbook/gitbook-plugin-splitter/splitter.js"></script>
        
    
        
        <script src="../gitbook/gitbook-plugin-search-pro/jquery.mark.min.js"></script>
        
    
        
        <script src="../gitbook/gitbook-plugin-search-pro/search.js"></script>
        
    
        
        <script src="../gitbook/gitbook-plugin-insert-logo/plugin.js"></script>
        
    
        
        <script src="../gitbook/gitbook-plugin-pageview-count/plugin.js"></script>
        
    
        
        <script src="../gitbook/gitbook-plugin-sharing/buttons.js"></script>
        
    
        
        <script src="../gitbook/gitbook-plugin-fontsettings/fontsettings.js"></script>
        
    

    </body>
</html>

